Skip to content

Commit 233a0d3

Browse files
Add instance_from_teamplate and instance_from_machine_image tests
1 parent 22d00f9 commit 233a0d3

2 files changed

Lines changed: 181 additions & 0 deletions

File tree

mmv1/third_party/terraform/services/compute/resource_compute_instance_from_machine_image_test.go.tmpl

Lines changed: 96 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -417,6 +417,40 @@ func TestAccComputeInstanceFromMachineImage_VSSWindows(t *testing.T) {
417417
}
418418
{{- end }}
419419

420+
func TestAccComputeInstanceFromMachineImage_workloadIdentity(t *testing.T) {
421+
t.Parallel()
422+
423+
var instance map[string]interface{}
424+
instanceName := fmt.Sprintf("tf-test-%s", acctest.RandString(t, 10))
425+
generatedInstanceName := fmt.Sprintf("tf-test-generated-%s", acctest.RandString(t, 10))
426+
randomSuffix := acctest.RandString(t, 10)
427+
resourceName := "google_compute_instance_from_machine_image.foobar"
428+
429+
context := map[string]interface{}{
430+
"instance_name": instanceName,
431+
"generated_instance_name": generatedInstanceName,
432+
"random_suffix": randomSuffix,
433+
"identity_id": "tf-test-id-1-" + randomSuffix,
434+
"identity_certificate_enabled": true,
435+
}
436+
437+
acctest.VcrTest(t, resource.TestCase{
438+
PreCheck: func() { acctest.AccTestPreCheck(t) },
439+
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
440+
CheckDestroy: testAccCheckComputeInstanceFromMachineImageDestroyProducer(t),
441+
Steps: []resource.TestStep{
442+
{
443+
Config: testAccComputeInstanceFromMachineImage_workloadIdentity(context),
444+
Check: resource.ComposeTestCheckFunc(
445+
testAccCheckComputeInstanceExists(t, resourceName, &instance),
446+
resource.TestCheckResourceAttr(resourceName, "workload_identity_config.0.identity", fmt.Sprintf("ns/tf-test-ns-%s/sa/tf-test-id-1-%s", randomSuffix, randomSuffix)),
447+
resource.TestCheckResourceAttr(resourceName, "workload_identity_config.0.identity_certificate_enabled", "true"),
448+
),
449+
},
450+
},
451+
})
452+
}
453+
420454
func testAccCheckComputeInstanceFromMachineImageDestroyProducer(t *testing.T) func(s *terraform.State) error {
421455
return func(s *terraform.State) error {
422456
config := acctest.GoogleProviderConfig(t)
@@ -1490,6 +1524,68 @@ resource "google_compute_instance_from_machine_image" "foobar" {
14901524
`, context)
14911525
}
14921526

1527+
func testAccComputeInstanceFromMachineImage_workloadIdentity(context map[string]interface{}) string {
1528+
return acctest.Nprintf(`
1529+
data "google_compute_image" "my_image" {
1530+
family = "debian-11"
1531+
project = "debian-cloud"
1532+
}
1533+
1534+
resource "google_iam_workload_identity_pool" "pool" {
1535+
workload_identity_pool_id = "tf-test-pool-%{random_suffix}"
1536+
mode = "TRUST_DOMAIN"
1537+
}
1538+
1539+
resource "google_iam_workload_identity_pool_namespace" "ns" {
1540+
workload_identity_pool_id = google_iam_workload_identity_pool.pool.workload_identity_pool_id
1541+
workload_identity_pool_namespace_id = "tf-test-ns-%{random_suffix}"
1542+
}
1543+
1544+
resource "google_iam_workload_identity_pool_managed_identity" "id" {
1545+
workload_identity_pool_id = google_iam_workload_identity_pool_namespace.ns.workload_identity_pool_id
1546+
workload_identity_pool_namespace_id = google_iam_workload_identity_pool_namespace.ns.workload_identity_pool_namespace_id
1547+
workload_identity_pool_managed_identity_id = "%{identity_id}"
1548+
}
1549+
1550+
resource "google_compute_instance" "vm" {
1551+
name = "%{instance_name}-source"
1552+
machine_type = "e2-medium"
1553+
zone = "us-central1-a"
1554+
1555+
boot_disk {
1556+
initialize_params {
1557+
image = data.google_compute_image.my_image.self_link
1558+
}
1559+
}
1560+
1561+
network_interface {
1562+
network = "default"
1563+
}
1564+
1565+
workload_identity_config {
1566+
identity = "ns/tf-test-ns-%{random_suffix}/sa/%{identity_id}"
1567+
identity_certificate_enabled = %{identity_certificate_enabled}
1568+
}
1569+
}
1570+
1571+
resource "google_compute_machine_image" "foobar" {
1572+
name = "image-%{random_suffix}"
1573+
source_instance = google_compute_instance.vm.self_link
1574+
}
1575+
1576+
resource "google_compute_instance_from_machine_image" "foobar" {
1577+
name = "%{generated_instance_name}"
1578+
zone = "us-central1-a"
1579+
source_machine_image = google_compute_machine_image.foobar.self_link
1580+
1581+
workload_identity_config {
1582+
identity = "ns/tf-test-ns-%{random_suffix}/sa/%{identity_id}"
1583+
identity_certificate_enabled = %{identity_certificate_enabled}
1584+
}
1585+
}
1586+
`, context)
1587+
}
1588+
14931589
{{ if ne $.TargetVersionName `ga` -}}
14941590
func testAccComputeInstanceFromMachineImage_VSSWindows(context map[string]interface{}) string {
14951591
return acctest.Nprintf(`

mmv1/third_party/terraform/services/compute/resource_compute_instance_from_template_test.go.tmpl

Lines changed: 85 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -632,6 +632,40 @@ func TestAccComputeInstanceFromTemplate_DiskForceAttach(t *testing.T) {
632632
})
633633
}
634634

635+
func TestAccComputeInstanceFromTemplate_workloadIdentity(t *testing.T) {
636+
t.Parallel()
637+
638+
var instance map[string]interface{}
639+
instanceName := fmt.Sprintf("tf-test-%s", acctest.RandString(t, 10))
640+
templateName := fmt.Sprintf("tf-test-%s", acctest.RandString(t, 10))
641+
randomSuffix := acctest.RandString(t, 10)
642+
resourceName := "google_compute_instance_from_template.foobar"
643+
644+
context := map[string]interface{}{
645+
"instance_name": instanceName,
646+
"template_name": templateName,
647+
"random_suffix": randomSuffix,
648+
"identity_id": "tf-test-id-1-" + randomSuffix,
649+
"identity_certificate_enabled": true,
650+
}
651+
652+
acctest.VcrTest(t, resource.TestCase{
653+
PreCheck: func() { acctest.AccTestPreCheck(t) },
654+
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
655+
CheckDestroy: testAccCheckComputeInstanceFromTemplateDestroyProducer(t),
656+
Steps: []resource.TestStep{
657+
{
658+
Config: testAccComputeInstanceFromTemplate_workloadIdentity(context),
659+
Check: resource.ComposeTestCheckFunc(
660+
testAccCheckComputeInstanceExists(t, resourceName, &instance),
661+
resource.TestCheckResourceAttr(resourceName, "workload_identity_config.0.identity", fmt.Sprintf("ns/tf-test-ns-%s/sa/tf-test-id-1-%s", randomSuffix, randomSuffix)),
662+
resource.TestCheckResourceAttr(resourceName, "workload_identity_config.0.identity_certificate_enabled", "true"),
663+
),
664+
},
665+
},
666+
})
667+
}
668+
635669
{{ if ne $.TargetVersionName `ga` -}}
636670
func TestAccComputeInstanceFromTemplate_VSSWindows(t *testing.T) {
637671
t.Parallel()
@@ -2736,3 +2770,54 @@ resource "google_compute_instance_from_template" "foobar" {
27362770
`, context)
27372771
}
27382772
{{- end }}
2773+
2774+
func testAccComputeInstanceFromTemplate_workloadIdentity(context map[string]interface{}) string {
2775+
return acctest.Nprintf(`
2776+
data "google_compute_image" "my_image" {
2777+
family = "debian-11"
2778+
project = "debian-cloud"
2779+
}
2780+
2781+
resource "google_iam_workload_identity_pool" "pool" {
2782+
workload_identity_pool_id = "tf-test-pool-%{random_suffix}"
2783+
mode = "TRUST_DOMAIN"
2784+
}
2785+
2786+
resource "google_iam_workload_identity_pool_namespace" "ns" {
2787+
workload_identity_pool_id = google_iam_workload_identity_pool.pool.workload_identity_pool_id
2788+
workload_identity_pool_namespace_id = "tf-test-ns-%{random_suffix}"
2789+
}
2790+
2791+
resource "google_iam_workload_identity_pool_managed_identity" "id" {
2792+
workload_identity_pool_id = google_iam_workload_identity_pool_namespace.ns.workload_identity_pool_id
2793+
workload_identity_pool_namespace_id = google_iam_workload_identity_pool_namespace.ns.workload_identity_pool_namespace_id
2794+
workload_identity_pool_managed_identity_id = "%{identity_id}"
2795+
}
2796+
2797+
resource "google_compute_instance_template" "foobar" {
2798+
name = "%{template_name}"
2799+
machine_type = "e2-medium"
2800+
2801+
disk {
2802+
source_image = data.google_compute_image.my_image.self_link
2803+
auto_delete = true
2804+
boot = true
2805+
}
2806+
2807+
network_interface {
2808+
network = "default"
2809+
}
2810+
}
2811+
2812+
resource "google_compute_instance_from_template" "foobar" {
2813+
name = "%{instance_name}"
2814+
zone = "us-central1-a"
2815+
source_instance_template = google_compute_instance_template.foobar.self_link
2816+
2817+
workload_identity_config {
2818+
identity = "ns/tf-test-ns-%{random_suffix}/sa/%{identity_id}"
2819+
identity_certificate_enabled = %{identity_certificate_enabled}
2820+
}
2821+
}
2822+
`, context)
2823+
}

0 commit comments

Comments
 (0)